I'm submitting a form to a preview page(form) and then a final submit. I'm having trouble getting move_uploaded_file to work. How do i solve this? when i check the directory there is no file there.
$tmpname = $_FILES['titleimage']['tmp_name']; $imagefile = $_FILES['titleimage']['name']; $filename = basename($imagefile); $imagename = dirname(__FILE__).'/avatar/'.$filename; echo "<form enctype='multipart/form-data' id='submitpreview' action='/upload' method='POST'> <input type='hidden' name='image' value='$tmpname' readonly /> <input type='hidden' name='imagedir' value='$imagename' readonly />"; //other code echo "<div id='preview-submit-button'><a>Submit</a></div> </form>";
$image = $_POST['image']; $directory = $_POST['imagedir']; move_uploaded_file($image,$directory);Answer1:
Are you sure the temporary file
$_FILES['titleimage']['tmp_name'] is still there after you submit the second form? Remember, it's a temporary file. I'm afraid it <em>lives</em> only for the time the first form is submitted (just until request is processed).
So, you should:<ol><li>
As soon as possible (that means, in the page that receive the first form, your preview page in fact) you save the temporary file in a folder of yours using <strong><a href="http://php.net/manual/en/function.move-uploaded-file.php" rel="nofollow">
If the user <strong>confirms</strong> the preview, you move the file from the directory where you saved it in step <em>1</em> to its <em>definitive</em> folder, using the <strong><a href="http://php.net/manual/en/function.rename.php" rel="nofollow">
If user <strong>does not confirm</strong> the preview, you delete it using <strong><a href="http://php.net/manual/en/function.unlink.php" rel="nofollow">
Additionaly, as <strong>Marc B</strong> pointed out, you should have a look to the security of your <em>preview-save</em> logic. Passing paths and filenames in hidden form field is a very good way to help hackers break your system. Have a look at <strong><a href="http://it.php.net/manual/en/book.session.php" rel="nofollow">PHP Sessions</a></strong> (maybe you already know), and consider moving that paths from the public form to a session variable.